2005-07-24 20:53:54 +00:00
|
|
|
require 'rex/proto/http'
|
|
|
|
|
|
|
|
|
|
module Rex
|
|
|
|
|
module Proto
|
|
|
|
|
module Http
|
|
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
DefaultProtocol = '1.1'
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
###
|
|
|
|
|
#
|
|
|
|
|
# This class represents an HTTP packet.
|
|
|
|
|
#
|
|
|
|
|
###
|
|
|
|
|
class Packet
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Parser processing codes
|
|
|
|
|
#
|
|
|
|
|
module ParseCode
|
|
|
|
|
Completed = 1
|
|
|
|
|
Partial = 2
|
|
|
|
|
Error = 3
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Parser states
|
|
|
|
|
#
|
|
|
|
|
module ParseState
|
|
|
|
|
ProcessingHeader = 1
|
|
|
|
|
ProcessingBody = 2
|
|
|
|
|
Completed = 3
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
require 'rex/proto/http/header'
|
|
|
|
|
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
|
# Initializes an instance of an HTTP packet.
|
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
def initialize()
|
|
|
|
|
self.headers = Header.new
|
2005-09-15 23:37:38 +00:00
|
|
|
self.auto_cl = true
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
reset
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Return the associated header value, if any.
|
|
|
|
|
#
|
|
|
|
|
def [](key)
|
|
|
|
|
self.headers[key]
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Set the associated header value.
|
|
|
|
|
#
|
|
|
|
|
def []=(key, value)
|
|
|
|
|
self.headers[key] = value
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Parses the supplied buffer. Returns one of the two parser processing
|
2005-11-15 05:22:13 +00:00
|
|
|
# codes (Completed, Partial, or Error).
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
|
|
|
|
def parse(buf)
|
|
|
|
|
# Append the incoming buffer to the buffer queue.
|
|
|
|
|
self.bufq += buf
|
|
|
|
|
|
|
|
|
|
begin
|
|
|
|
|
# If we're processing headers, do that now.
|
|
|
|
|
if (self.state == ParseState::ProcessingHeader)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
parse_header_re
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# If we're processing the body (possibly after having finished
|
|
|
|
|
# processing headers), do that now.
|
|
|
|
|
if (self.state == ParseState::ProcessingBody)
|
|
|
|
|
parse_body
|
|
|
|
|
end
|
|
|
|
|
rescue
|
|
|
|
|
self.error = $!
|
|
|
|
|
return ParseCode::Error
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Return completed or partial to the parsing status to the caller
|
|
|
|
|
(self.state == ParseState::Completed) ? ParseCode::Completed : ParseCode::Partial
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Reset the parsing state and buffers.
|
|
|
|
|
#
|
|
|
|
|
def reset
|
|
|
|
|
self.bufq = ''
|
|
|
|
|
self.state = ParseState::ProcessingHeader
|
|
|
|
|
self.headers.reset
|
|
|
|
|
self.body = ''
|
2005-09-15 23:37:38 +00:00
|
|
|
self.transfer_chunked = nil
|
|
|
|
|
self.inside_chunk = nil
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns whether or not parsing has completed.
|
|
|
|
|
#
|
|
|
|
|
def completed?
|
|
|
|
|
comp = false
|
|
|
|
|
|
|
|
|
|
# If the parser state is processing the body and there are an
|
|
|
|
|
# undetermined number of bytes left to read, we just need to say that
|
|
|
|
|
# things are completed as it's hard to tell whether or not they really
|
|
|
|
|
# are.
|
|
|
|
|
if ((self.state == ParseState::ProcessingBody) and
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
(self.body_bytes_left < 0) )
|
2005-07-24 20:53:54 +00:00
|
|
|
comp = true
|
|
|
|
|
# Or, if the parser state actually is completed, then we're good.
|
|
|
|
|
elsif (self.state == ParseState::Completed)
|
|
|
|
|
comp = true
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
return comp
|
|
|
|
|
end
|
|
|
|
|
|
2006-01-27 05:33:08 +00:00
|
|
|
#
|
|
|
|
|
# Build a 'Transfer-Encoding: chunked' payload with random chunk sizes
|
|
|
|
|
#
|
|
|
|
|
def chunk(str, min_size = 1, max_size = 1000)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
chunked = ''
|
2006-01-05 22:20:28 +00:00
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
# min chunk size is 1 byte
|
|
|
|
|
if (min_size < 1); min_size = 1; end
|
2006-01-05 22:20:28 +00:00
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
# don't be dumb
|
|
|
|
|
if (max_size < min_size); max_size = min_size; end
|
2006-01-05 22:20:28 +00:00
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
while (str.size > 0)
|
|
|
|
|
chunk = str.slice!(0, rand(max_size - min_size) + min_size)
|
|
|
|
|
chunked += sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n"
|
|
|
|
|
end
|
|
|
|
|
chunked += "0\r\n\r\n"
|
2006-01-27 05:33:08 +00:00
|
|
|
end
|
2006-01-05 22:20:28 +00:00
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
2005-11-15 05:22:13 +00:00
|
|
|
# Converts the packet to a string.
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
|
|
|
|
def to_s
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
content = self.body.dup
|
2005-07-24 20:53:54 +00:00
|
|
|
# Update the content length field in the header with the body length.
|
2006-01-05 22:20:28 +00:00
|
|
|
if (content)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
if !self.compress.nil?
|
|
|
|
|
case self.compress
|
|
|
|
|
when 'gzip'
|
|
|
|
|
self.headers['Content-Encoding'] = 'gzip'
|
|
|
|
|
content = Rex::Text.gzip(content)
|
|
|
|
|
when 'deflate'
|
|
|
|
|
self.headers['Content-Encoding'] = 'deflate'
|
|
|
|
|
content = Rex::Text.zlib_deflate(content)
|
2006-01-30 17:31:32 +00:00
|
|
|
when 'none'
|
|
|
|
|
# this one is fine...
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
# when 'compress'
|
|
|
|
|
else
|
|
|
|
|
raise RuntimeError, 'Invalid Content-Encoding'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if (self.auto_cl == true && self.transfer_chunked == true)
|
|
|
|
|
raise RuntimeError, "'Content-Length' and 'Transfer-Encoding: chunked' are incompatable"
|
|
|
|
|
elsif self.auto_cl == true
|
|
|
|
|
self.headers['Content-Length'] = content.length
|
|
|
|
|
elsif self.transfer_chunked == true
|
|
|
|
|
if self.proto != '1.1'
|
|
|
|
|
raise RuntimeError, 'Chunked encoding is only available via 1.1'
|
|
|
|
|
end
|
|
|
|
|
self.headers['Transfer-Encoding'] = 'chunked'
|
|
|
|
|
content = self.chunk(content, self.chunk_min_size, self.chunk_max_size)
|
|
|
|
|
end
|
|
|
|
|
end
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
str = self.headers.to_s(cmd_string)
|
2006-01-05 22:20:28 +00:00
|
|
|
str += content || ''
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
2005-11-15 05:22:13 +00:00
|
|
|
# Converts the packet from a string.
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
|
|
|
|
def from_s(str)
|
|
|
|
|
reset
|
|
|
|
|
|
|
|
|
|
parse(str)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Returns the command string, such as:
|
|
|
|
|
#
|
|
|
|
|
# HTTP/1.0 200 OK for a response
|
|
|
|
|
#
|
|
|
|
|
# or
|
|
|
|
|
#
|
|
|
|
|
# GET /foo HTTP/1.0 for a request
|
|
|
|
|
#
|
|
|
|
|
def cmd_string
|
|
|
|
|
self.headers.cmd_string
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
attr_reader :headers
|
|
|
|
|
attr_reader :error
|
|
|
|
|
attr_accessor :state
|
|
|
|
|
attr_accessor :bufq
|
|
|
|
|
attr_accessor :body
|
|
|
|
|
attr_accessor :auto_cl
|
2005-09-15 23:37:38 +00:00
|
|
|
attr_accessor :max_data
|
2006-01-05 22:20:28 +00:00
|
|
|
attr_accessor :transfer_chunked
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
attr_accessor :compress
|
2005-09-15 23:37:38 +00:00
|
|
|
attr_reader :incomplete
|
2006-01-05 22:20:28 +00:00
|
|
|
|
2006-01-27 05:33:08 +00:00
|
|
|
attr_accessor :chunk_min_size
|
|
|
|
|
attr_accessor :chunk_max_size
|
2005-09-15 23:37:38 +00:00
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
protected
|
|
|
|
|
|
|
|
|
|
attr_writer :headers
|
|
|
|
|
attr_writer :error
|
2005-09-15 23:37:38 +00:00
|
|
|
attr_writer :incomplete
|
2005-07-24 20:53:54 +00:00
|
|
|
attr_accessor :body_bytes_left
|
2005-09-15 23:37:38 +00:00
|
|
|
attr_accessor :inside_chunk
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Overridable methods
|
|
|
|
|
#
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Allows derived classes to split apart the command string.
|
|
|
|
|
#
|
|
|
|
|
def update_cmd_parts(str)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Parsing
|
|
|
|
|
#
|
|
|
|
|
##
|
|
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
def parse_header_re
|
2006-03-09 19:51:37 +00:00
|
|
|
m = /(.*?)\r?\n\r?\n(.*)/smi.match(self.bufq)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
if m != nil
|
|
|
|
|
self.headers.from_s(m[1])
|
|
|
|
|
self.bufq = m[2]
|
|
|
|
|
|
|
|
|
|
# Extract the content length, if any.
|
|
|
|
|
if (self.headers['Content-Length'])
|
|
|
|
|
self.body_bytes_left = self.headers['Content-Length'].to_i
|
|
|
|
|
else
|
|
|
|
|
self.body_bytes_left = -1
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if (self.headers['Transfer-Encoding'])
|
|
|
|
|
self.transfer_chunked = 1 if self.headers['Transfer-Encoding'] =~ /chunked/i
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
connection = self.headers['Connection']
|
|
|
|
|
comp_on_close = false
|
|
|
|
|
|
|
|
|
|
if (connection and connection == 'close')
|
|
|
|
|
comp_on_close = true
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Change states to processing the body if we have a content length or
|
|
|
|
|
# the connection type is close.
|
|
|
|
|
if ((self.body_bytes_left > 0) or (comp_on_close) or self.transfer_chunked)
|
|
|
|
|
self.state = ParseState::ProcessingBody
|
|
|
|
|
else
|
|
|
|
|
self.state = ParseState::Completed
|
|
|
|
|
end
|
|
|
|
|
else
|
|
|
|
|
self.headers.from_s(self.bufq)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# No command string? Wack.
|
|
|
|
|
if (self.headers.cmd_string == nil)
|
|
|
|
|
raise RuntimeError, "Invalid command string", caller
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Allow derived classes to update the parts of the command string
|
|
|
|
|
self.update_cmd_parts(self.headers.cmd_string)
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
|
|
|
|
# Parses the header portion of the request.
|
|
|
|
|
#
|
|
|
|
|
def parse_header
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
# Does the buffer queue contain the entire header? If so, parse it and
|
|
|
|
|
# transition to the body parsing phase.
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
idx = self.bufq.index(/\r?\n\r?\n/)
|
2005-09-15 23:37:38 +00:00
|
|
|
|
2006-01-16 16:29:22 +00:00
|
|
|
if (idx and idx >= 0)
|
2005-09-15 23:37:38 +00:00
|
|
|
# Extract the header block
|
2006-01-16 16:29:22 +00:00
|
|
|
head = self.bufq.slice!(0, idx + 4)
|
2005-09-15 23:37:38 +00:00
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
# Serialize the headers
|
|
|
|
|
self.headers.from_s(head)
|
|
|
|
|
|
|
|
|
|
# Extract the content length, if any.
|
2005-07-25 02:18:37 +00:00
|
|
|
if (self.headers['Content-Length'])
|
|
|
|
|
self.body_bytes_left = self.headers['Content-Length'].to_i
|
2005-07-24 20:53:54 +00:00
|
|
|
else
|
|
|
|
|
self.body_bytes_left = -1
|
|
|
|
|
end
|
2005-07-25 02:18:37 +00:00
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
if (self.headers['Transfer-Encoding'])
|
|
|
|
|
self.transfer_chunked = 1 if self.headers['Transfer-Encoding'] =~ /chunked/i
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-25 02:18:37 +00:00
|
|
|
connection = self.headers['Connection']
|
|
|
|
|
comp_on_close = false
|
|
|
|
|
|
|
|
|
|
if (connection and connection == 'close')
|
|
|
|
|
comp_on_close = true
|
|
|
|
|
end
|
2005-09-15 23:37:38 +00:00
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
# Change states to processing the body if we have a content length or
|
2005-07-25 02:18:37 +00:00
|
|
|
# the connection type is close.
|
2005-09-15 23:37:38 +00:00
|
|
|
if ((self.body_bytes_left > 0) or (comp_on_close) or self.transfer_chunked)
|
2005-07-25 02:18:37 +00:00
|
|
|
self.state = ParseState::ProcessingBody
|
|
|
|
|
else
|
|
|
|
|
self.state = ParseState::Completed
|
|
|
|
|
end
|
2006-01-16 16:29:22 +00:00
|
|
|
else
|
|
|
|
|
return ParseState::ProcessingHeader
|
2005-09-15 23:37:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# No command string? Wack.
|
|
|
|
|
if (self.headers.cmd_string == nil)
|
|
|
|
|
raise RuntimeError, "Invalid command string", caller
|
|
|
|
|
end
|
2005-07-25 02:18:37 +00:00
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
# Allow derived classes to update the parts of the command string
|
|
|
|
|
self.update_cmd_parts(self.headers.cmd_string)
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Parses the body portion of the request.
|
|
|
|
|
#
|
|
|
|
|
def parse_body
|
2005-09-15 23:37:38 +00:00
|
|
|
# Just return if the buffer is empty
|
|
|
|
|
if (self.bufq.length == 0)
|
|
|
|
|
return
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Handle chunked transfer-encoding responses
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
if (self.transfer_chunked and self.inside_chunk != 1 and self.bufq.length)
|
2005-09-15 23:37:38 +00:00
|
|
|
|
|
|
|
|
# Remove any leading newlines or spaces
|
|
|
|
|
self.bufq.lstrip!
|
|
|
|
|
|
|
|
|
|
# Extract the actual hexadecimal length value
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
clen = self.bufq.slice!(/^[a-zA-Z0-9]*\r?\n/)
|
2005-12-08 05:55:44 +00:00
|
|
|
|
|
|
|
|
clen.rstrip! if (clen)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
|
|
|
|
|
# if we happen to fall upon the end of the buffer for the next chunk len and have no data left, go get some more...
|
|
|
|
|
if clen == nil and self.bufq.length == 0
|
|
|
|
|
return
|
|
|
|
|
end
|
|
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
self.body_bytes_left = clen.hex
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
if (self.body_bytes_left == 0)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
self.bufq.sub!(/^\r?\n/s,'')
|
|
|
|
|
self.state = ParseState::Completed
|
|
|
|
|
return
|
2005-09-15 23:37:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
self.inside_chunk = 1
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
# If there are bytes remaining, slice as many as we can and append them
|
|
|
|
|
# to our body state.
|
|
|
|
|
if (self.body_bytes_left > 0)
|
|
|
|
|
part = self.bufq.slice!(0, self.body_bytes_left)
|
|
|
|
|
|
|
|
|
|
self.body += part
|
|
|
|
|
self.body_bytes_left -= part.length
|
|
|
|
|
# Otherwise, just read it all.
|
|
|
|
|
else
|
|
|
|
|
self.body += self.bufq
|
|
|
|
|
self.bufq = ''
|
|
|
|
|
end
|
|
|
|
|
|
2005-09-15 23:37:38 +00:00
|
|
|
# Finish this chunk and move on to the next one
|
|
|
|
|
if (self.transfer_chunked and self.body_bytes_left == 0)
|
|
|
|
|
self.inside_chunk = 0
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
self.parse_body
|
|
|
|
|
return
|
2005-09-15 23:37:38 +00:00
|
|
|
end
|
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
# If there are no more bytes left, then parsing has completed and we're
|
|
|
|
|
# ready to go.
|
2005-09-15 23:37:38 +00:00
|
|
|
if (self.transfer_chunked != 1 and self.body_bytes_left <= 0)
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
self.state = ParseState::Completed
|
|
|
|
|
return
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
